CVEs (1)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
2Fedoraproject Janrain2Fedora Ruby OpenidApr 29, 2026 Dec 12, 2013 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The ruby-openid gem before 2.2.2 for Ruby allows remote OpenID providers to cause a denial of service (CPU consumption) via (1) a large XRDS document or (2) an XML Entity Expansion (XEE) attack. |